Traffic analysis sheds light on weekday habits of attackers such as the most likely day for attacks and how malicious infrastructure is shared.
Link: https://threatpost.com/weekdays-attacks-share-resources/145685/
Tag: Hacks
Linux Command-Line Editors Vulnerable to High-Severity Bug
A bug impacting editors Vim and Neovim could allow a trojan code to escape sandbox mitigations.
Link: https://threatpost.com/linux-command-line-editors-high-severity-bug/145569/
WordPress Sites Worldwide Hit with ‘Call-Girl’ Search-Engine Pollution
A web spam campaign targeting Koreans is affecting non-hacked websites worldwide.
Link: https://threatpost.com/wordpress-sites-call-girl-search-engine-pollution/145555/
How to Model Risk in an Apex Predator Cyber-World
Large-scale existential threats exist everywhere and can annihilate us with only trivial effort. Should we all throw everything we can at them?
Link: https://threatpost.com/how-to-model-risk-in-an-apex-predator-cyber-world/145499/
VLC Player Gets Patched for Two High-Severity Bugs
Popular media player receives 33 security bug fixes, two of which are rated high severity.
Link: https://threatpost.com/vlc-player-gets-patched-for-two-high-severity-bugs/145518/
SandboxEscaper Debuts ByeBear Windows Patch Bypass
SandboxEscaper is back, with a second bypass for the recent CVE-2019-0841 Windows patch.
Link: https://threatpost.com/sandboxescaper-byebear-windows-bypass/145470/
Streaming Video Fans Open to TV Hijacking
Critical bugs impact a widely deployed streaming platform, common in the U.S. and elsewhere.
Link: https://threatpost.com/streaming-video-tv-hijacking/145433/
Buggy Phishing Kits Allow Criminals to Cannibalize Their Own
The vulnerable kits also offer a point of entry to compromise legitimate website servers.
Link: https://threatpost.com/buggy-phishing-kits-criminals-cannibalize/145399/
Newly-Identified BEC Cybergang Targets U.S. Enterprise Victims
At Infosecurity Europe, researchers detailed a cybergang that grew from a one-man shop launching Craigslist scams to a full-on enterprise BEC group.
Link: https://threatpost.com/newly-identified-bec-cybergang-targets-u-s-enterprise-victims/145195/
AI Isn’t Good Enough When Lives Are on the Line, Experts Warn
During Infosecurity Europe in London this week, cybersecurity experts sounded off on worries about artificial intelligence being used for nation state cyber weapons.
Link: https://threatpost.com/ai-isnt-good-enough-when-lives-are-on-the-line-experts-warn/145302/